Community Bankers Prepare for Cyber Risks with CISA/ICBA Tabletop Exercises

By Steven Estep

July 22, 2022

It comes as no surprise that cybersecurity tops community bankers’ list of risk concerns. In fact, cybersecurity ranks higher than government regulation, the cost and availability of labor, and inflation, as a chief threat for 2022, according to a Conference of State Bank Supervisors survey. And the Anti-Phishing Working Groupreported that phishing attacks reached an all-time high in the first quarter of 2022, with financial services experiencing a 35 percent increase.

That’s why ICBA partnered with the Cybersecurity and Infrastructure Security Agency (CISA), a division of the U.S. Department of Homeland Security, to create tabletop exercises designed specifically for community bankers. These exercises walk community bankers through scenarios designed to mimic real cyber threats, test bank processes, and help shore up security measures.

“Bank leaders need to understand cybersecurity risk in order to properly allocate resources, both time and money, and to properly understand the risk their bank is facing every day,” said Sarah Getzlaff, CEO of $240 million-asset Security First Bank of North Dakota in Bismarck and a recent CISA-ICBA exercise participant. “We knew these exercises would help us identify opportunities to improve and strengthen all things cybersecurity at our bank.”

Upcoming CISA Training Session

ICBA and the Cybersecurity and Infrastructure Security Agency are hosting two four-hour tabletop exercises on Aug. 30 and 31 to help community banks identify, mitigate, respond to, and recover from cyber incidents.

Learn more and register.

CISA Exercise Takeaways

ICBA offers multiple opportunities to participate in this exclusive member benefit, featuring tabletop exercises designed to accommodate up to 200 community bankers at a time. So, as participating community banks walk through scenarios, they’re afforded the opportunity to hear from other banks for invaluable peer-to-peer learning.

While the insights gleaned will vary based on the bank’s makeup and risk profile, the most recent tabletop exercise offers three primary takeaways:

  1. Put it in writing. Crisis communication plans are critical to maintaining reputation and ensuring adequate response resources.
  2. Define expectations with your partners. Community banks should work with vendors and counsel prior to an incident to define requirements and thresholds so all parties understand their responsibilities during a cyber incident.
  3. Lean on ICBA and your peer network. Community banks can leverage relationships with ICBA and other ICBA members to develop best practices and other resources.

“This exercise was incredibly enlightening but also made it a little harder to sleep at night,” said Getzlaff, who offered the following advice for future community bank participants:

“Bring key decision makers with you, but also bring the team members who will actually be involved in responding to a cyber incident. In a small bank, it’s hard to pull a lot of employees into training or an exercise, but the more team members you can involve, the better.”

To register for the CISA-ICBA Tabletop Exercise, or for community bank-focused mitigation resources, communications tools, and cyber incidents reports from the FS-ISAC, visit ICBA’s cyber and data security resource center.